Many mobile applications from different vendors may run on a single end user's device. To protect one application from other applications, the mobile Operating System (OS) provides a sandbox for each application. The sandbox prevents direct memory access from one application to another. For example, iOS® (APPLE'S mobile OS) blocks sharing of the “KeyChain” that is used to hold credentials and other secrets, unless two applications are from a same vendor and are registered with APPLE with the same “bundle identifier (ID).” This is a good features for security but a bad for Single-Sign On (SSO) applications, because there is no secure way to pass unprotected credentials from one application to another application; so, this limits SSO applications on iOS® devices.
Therefore, there is a need for providing SSO capabilities on devices that attempt to control and limit the passing of credentials and secrets without comprising security on those devices.